package com.cwh.realm;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import com.cwh.entity.ActiveUser;
import com.cwh.entity.Employee;
import com.cwh.entity.MenuTree;
import com.cwh.entity.SysPermission;
import com.cwh.mapper.SysPermissionMapperCustom;
import com.cwh.service.EmployeeService;
import com.cwh.service.SysService;



public class CustomRealm extends AuthorizingRealm {
	
	@Autowired
	private SysService sysService;
	
	@Autowired
	private EmployeeService employeeService;
	
	@Autowired
	private SysPermissionMapperCustom sysPermissionMapperCustom;
	
	@Override
	public void setName(String name) {
		//设置realm的name
		super.setName("CustomRealm");
	}
	
	//认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		System.out.println("正在认证用户.....");
		String username = (String) token.getPrincipal();  //用户输入的帐号
		//假设仿问数据库
		Employee user = null;
		try {
			user = employeeService.findEmployeeByName(username);
		} catch (Exception e) {
			e.printStackTrace();
		}
		if (user == null) {
			return null; // UnknownAccountException
		}
		
		//根据parentid=1查询sys_permission表  
		//对应的菜单分别是 报销管理、流程管理、系统管理
		List<MenuTree> menuTree = sysService.loadMenuTree();
		
		//把用户的身份信息重新封装
		ActiveUser activeUser = new ActiveUser();
		activeUser.setUserid(user.getId());
		activeUser.setUsername(user.getName());
		activeUser.setManagerId(user.getManagerId());
		activeUser.setMenuTree(menuTree);
		
//		String password_db = user.getPassword();    // 数据库中的密码,密文
//		System.out.println(password_db);
//		String salt = user.getSalt();
//		System.out.println(salt);

		SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(activeUser, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), this.getName());
		return info;
	}

	//授权
	//返回值simpleAuthorizationInfo
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
		//获取主体->获取账号
		ActiveUser activeUser = (ActiveUser)SecurityUtils.getSubject().getPrincipal();
		Long userid = activeUser.getUserid();
		
		//获取用户权限列表返回表sys_permission记录
		List<SysPermission> permissionList=null;
		try {
			//根据用户id查询权限 子查询
			permissionList = sysPermissionMapperCustom.findPermissionListByUserId(String.valueOf(userid));
		} catch (Exception e) {
			// TODO 自动生成的 catch 块
			e.printStackTrace();
		}
		//记录用户的percode字段（所具有的权限）
		List<String> list=new ArrayList<String>();
		//取sys_permission记录的percode字段
		if(permissionList!=null&&permissionList.size()>0) {
			for(SysPermission s:permissionList) {				
				list.add(s.getPercode());
			}
		}
		
		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		//存储用户具有的资源权限列表
		simpleAuthorizationInfo.addStringPermissions(list);
		return simpleAuthorizationInfo;
	}



}